role service-fastd-mesh: add fastd-exporter

This commit is contained in:
Julian Labus 2018-09-25 10:38:41 +02:00
parent 46242b965d
commit 8c4ec4170e
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
7 changed files with 85 additions and 0 deletions

View file

@ -37,6 +37,14 @@ scrape_configs:
group: '{{ group }}' group: '{{ group }}'
{% endfor %} {% endfor %}
- job_name: "fastd"
scheme: "https"
static_configs:
- targets:
{% for host in groups['ffmwu-gateways'] %}
- '{{ host }}:9281'
{% endfor %}
- job_name: "icmp6" - job_name: "icmp6"
metrics_path: /probe metrics_path: /probe
params: params:

View file

@ -3,6 +3,16 @@
systemd: systemd:
daemon_reload: yes daemon_reload: yes
- name: restart fastd-nginx
systemd:
name: nginx.service
state: restarted
- name: restart fastd-exporter
systemd:
name: fastd-exporter.service
state: restarted
- name: restart fastd mesh instances - name: restart fastd mesh instances
systemd: systemd:
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}" name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"

View file

@ -1,5 +1,7 @@
--- ---
dependencies: dependencies:
- { role: golang }
- { role: git-repos } - { role: git-repos }
- { role: network-fastd } - { role: network-fastd }
- { role: service-fastd } - { role: service-fastd }
- { role: service-nginx }

View file

@ -147,3 +147,25 @@
enabled: yes enabled: yes
state: started state: started
loop: "{{ meshes | subelements('fastd.nodes.instances') }}" loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: build fastd-exporter binary
shell: "GOPATH={{ gopath }} go get -v -u github.com/freifunk-darmstadt/fastd-exporter"
notify: restart fastd-exporter
- name: copy vhost fastd_exporter.conf
template:
src: "fastd_exporter_vhost.conf.j2"
dest: "/etc/nginx/conf.d/fastd_exporter.conf"
notify: restart nginx
- name: create systemd unit for fastd-exporter
template:
src: "fastd-exporter.service.j2"
dest: "/etc/systemd/system/fastd-exporter.service"
notify: reload systemd
- name: configure fastd-exporter systemd unit
systemd:
name: "fastd-exporter.service"
enabled: yes
state: started

View file

@ -0,0 +1,19 @@
[Unit]
Description=Fastd Prometheus Exporter
Documentation=https://github.com/freifunk-darmstadt/fastd-exporter
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
{% if fastd_exporter_opts is defined %}
ExecStart={{ fastd_exporter_path }} {{ fastd_exporter_default_opts }} {{ fastd_exporter_opts }} --instances="{% for mesh in meshes %}{% for instance in mesh.fastd.nodes.instances %}{{ mesh.id }}vpn-{{ instance.mtu }}{% if not loop.last %},{% endif %}{% endfor %}{% if not loop.last %},{% endif %}{% endfor %}"
{% else %}
ExecStart={{ fastd_exporter_path }} {{ fastd_exporter_default_opts }} --instances="{% for mesh in meshes %}{% for instance in mesh.fastd.nodes.instances %}{{ mesh.id }}vpn-{{ instance.mtu }}{% if not loop.last %},{% endif %}{% endfor %}{% if not loop.last %},{% endif %}{% endfor %}"
{% endif %}
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,22 @@
server {
listen {{ lookup('dig', inventory_hostname, 'qtype=A') }}:9281 ssl;
listen [{{ lookup('dig', inventory_hostname, 'qtype=AAAA') }}]:9281 ssl;
server_name {{ inventory_hostname_short }}.{{ http_domain_external }} {{ inventory_hostname_short }}.{{ http_domain_internal }};
ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem;
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
location / {
proxy_pass http://127.0.0.1:9281;
allow 127.0.0.0/8;
allow ::1/128;
{% for host in groups['ffmwu-monitoring'] %}
allow {{ lookup('dig', host, 'qtype=A') }};
allow {{ lookup('dig', host, 'qtype=AAAA') }};
deny all;
{% endfor %}
}
}

View file

@ -0,0 +1,2 @@
fastd_exporter_path: "{{ gopath }}/bin/fastd-exporter"
fastd_exporter_default_opts: "--web.listen-address=localhost:9281"